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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in 
the application: 

Listing of Claims: 



Claim 1 ( 


[currently amended) 


Claim 2 i 


^original) 


Claims ( 


'original) 


Claim 4 ( 


[currently amended) 


Claims ( 


'original) 


Claim 6 ( 


[currently amended) 


Claim? < 


[currently amended) 


Claims ( 


currently amended) 


Claim 9 I 


'original) 


Claim 10 


(currently amended) 


Claim 11 


(original) 


Claim 12 


(original) 


Claim 13 


(original) 


Claim 14 


(original) 


Claim 15 


(original) 


Claim 16 


(original) 


Claim 17 


(original) 


claim 18 


(original) 
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Claim 19 (currently amended) 

Claim 20 (currently amended) 

Claim 21 (currently amended) 

Claim 22 (original) 

Claim 23 (original) 

Claim 24 (original) 

Claim 25 (original) 
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1. (Currently amended) 

A method of creating [[a]] certificat es with redundant information to certify 
[[a]] several keys, wherein the certificate comprises a defined number of data 
elements which at least contain information on the certification body (issuer of the 
certificate), the user of the certificate and the key certified by the certificate, 
characterized by the following steps: 

a) Specification of a request for certification of one or more of [[the]] 
several keys by a certification body for a user. 



b) If in step a) only one key is to be initially certified, and no basic 
certificate is yet available for the user, creation of a basic certificate for 
the user with a defined number of data elements which, in the 
certification process, are identical for the respective user in conjunction 
with the respective certification body. 

c) Addition of an identifying characteristic to the basic certificate. 

d) Generation of a digital signature for the basic certificate. 

e) Addition of the digital signature to the basic certificate. 

f) Generation of a key pair. 
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g) Creation of a supplementary certificate for the basic certificate with a 
key as set out in step f), the identifying characteristic as set out in step 
c) and additional data fields not registered by the basic certificate. 

h) Generation of a digital signature for the supplementary certificate. 

i) Addition of the digital signature to the supplementary certificate. 

j} Use an existing basic certificate for the only one key when the one key 
shares the redundant information with the existing basic certificates. 

ki Use the basic certificate created in step b) for fiiture keys that share 
the redundant information with the basic certificate. 

2. (original) 

The method in accordance with Claim 1, characterized in that the basic 
certificate comprises the following data elements: 

- Name of certification body 

- User ID of certification body 

- Name of user 

- User ID of user 

- Identifying characteristic of the basic certificate 
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3. (Original) 

The method in accordance with Claim 1, characterized in that the 
supplementary certificate comprises the following data elements: 

- Signature algorithm 
-Key 

- Serial number of key 

- Validity period of the certificate 

- Extensions 

- Identifying characteristic of the basic certificate 

4. (currently amended) 

The method in accordance with Claim 1, characterized in that if step a) 
reveals that more than one key with the same validity period is to be certified at one 
time, instead of steps b) - i) the following steps are executed: 

aa) Generation of several key pairs. 

bb) Generation of a single group certificate (group certificate) for the 
several keys with all data elements necessary for the individual keys 
and keys generated in step aa), omitting the with only a single recitation 
of redundant data elements redundant to all the several keys in the 
group certificate . 

cc) Generation of a digital signature for the certificate. 



dd) Addition of the digital signature to the certificate. 
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5. (original) 

The method in accordance with Claim 4, characterized in that the certificate 
contains the following data elements: 

- Name of certification body 

- User ID of certification body 

- Name of user 

- User ID of user 

- Type/version of the certificate 

- Number and types of keys 
-Key 

- Validity 

- Serial number 

- Extensions 

6. (currently amended) 

The method in accordance with Claim 1 characterized in that, if only one key 
is to be certified in step a) and a basic certificate already exists as stated in step i) or 
k), instead of steps b) - i) the following steps are executed: 

aa) Definition of the basic certificate and reading of the identifying 
characteristics of the basic certificate. 

bb) Generation of a key pair. 
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cc) Creation of a supplementary certificate for the basic certificate with 
additional data fields not registered by the basic certificate, wherein 
one of the keys is inserted into the supplementary certificate in step 
bb). 

dd) Insertion of the identifying characteristics in accordance with step aa) 
into the supplementary certificate to locate the associated basic 
certificate, 

ee) Generation of a digital signature for the supplementary certificate. 

ff) Addition of the digital signature to the supplementary certificate. 

7. (currently amended) 

The method in accordance with Claim 6, characterized in that the 
supplementary certificat es each contain[[s]] the following data elements: 

- Signature algorithm 
-Key 

- Serial number of key 

- Validity period of the certificate 

- Extensions 

- Identifying characteristic of the basic certificate 
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8. (currently amended) 

The method for creating a certificate for simultaneous certification of several 
keys with the same validity period, wherein the certificate comprises a defined 
number of data elements which at least contain information on the certification body 
(issuer of the certificate), the user of the certificate and the key certified by the 
certificate, characterized by the following steps: 

aa) Generation of several key pairs. 

bb) Generation of a single joint certificate (group certificate) for several 
keys with all data elements necessary for the individual keys and keys 
generated in step aa), omitting the with the group certificate containing 
only a single recitation of redundant data elements redundant to all the 
several keys . 

cc) Generation of a digital signature for the group certificate, 
dd) Addition of the digital signature to the group certificate. 

9. (original) 

The method in accordance with Claim 8, characterized in that the group 
certificate contains the following data elements: 

- Name of certification body 

- User ID of certification body 

- Name of user 
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- User ID of user 

- Type/version of the certificate 

- Number and types of keys 
-Key 

- Validity 

- Serial number 

- Extensions 

10. (currently amended) 

A method for creating a certificate for certification of a new key for a user, 
wherein the certificate comprises a defined number of data elements which at least 
contain information on the certification body (issuer of the certificate), the user of 
the certificate and the key certified by the certificate, wherein a basic certificate for 
the user already exists and the basic certificate comprises data elements which, in 
the certification process, are identical for the respective user in conjunction with the 
respective certification body, characterized by the following steps: 

aa) Definition of the basic certificate for the user and reading of the 
identifying characteristics of the basic certificate. 

bb) Generation of a key pair for the new key . 

cc) Creation of a supplementary certificate for the basic certificate with 
additional data fields not registered by the basic certificate, wherein 
one of the keys is inserted into the supplementary certificate in step 
bb). 
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dd) Insertion of the identifying characteristics in accordance with step aa) 
into the supplementary certificate to locate the associated basic 
certificate. 

ee) Generation of a digital signature for the supplementary certificate, 
fif) Addition of the digital signature to the supplementary certificate. 

11. (original) 

The method in accordance with Claim 10, characterized in that the 
supplementary certificate contains the following data elements: 

- Signature algorithm 
-Key 

- Serial number of key 

- Validity period of the certificate 

- Extensions 

- Identifymg characteristic of the basic certificate 

12. (original) 

The method in accordance with Claim 8, characterized in that the key is a 
public key. 

13. (original) 

The method in accordance with Claim 1, characterized in that the basic 
certificate and the supplementary certificate are stored in the non- volatile memory of 
a chipcard. 
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14. (original) 

The method in accordance with Claim 4, characterized in that the certificate 
(group certificate) is stored in the non- volatile memory of a chipcard. 

15. (original) 

The method for reading certificates created in accordance with Claim 1, 
characterized by the following steps: 

a) Check of the storage medium for presence of basic certificates. 

b) If present, identification of the necessary supplementary certificate. 

c) Read-in of the supplementary certificate to the RAM of a system. 

d) Definition of the identification number of the basic certificate fi'om the 
supplementary certificate. 

e) Read-in of the basic certificate to the RAM. 
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16. (original) 

The method in accordance with Claim 15, characterized in that, if no basic 
certificate could be identified in step a), instead of steps b) - e) the following steps 
are executed: 

f) Check of the storage medium for presence of group certificates. 

g) Read-in of the necessary group certificates to the RAM. 

17. (origmal) 

The method for reading of certificates created in accordance with Claim 10, 
characterized by the following steps: 

a) Check of the storage medium for presence of group certificates. 

b) Read-in of the necessary group certificate to the RAM. 

18. (original) 

The method in accordance with Claim 17, characterized in that the storage 
medium is a non- volatile memory of the chipcard. 
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19. (currently amended) 

A computer program product on a computer usable medium for creating [[a]] 
certificates to certify [[a]] several ke ys shying redundant information, wherein the 
certificate comprises a defined number of data elements which at least contain 
information on the certification body (issuer to the certificate), the user of the 
certificate and the key certified by the certificate, said computer program product 
comprising: 

a) software for specification of a request for certification of at least one of 
the several keys by a certification body for a user; 

b) software for creation of a basic certificate for the user with a defined 
number of data elements which, in the certification process, are identical for 
the respective user in conjunction with the respective certification body when 
initially only one key is to be certified, and no basic certificate is yet available 
for tiie user; 

c) software for the addition of an identifying characteristic to the basic 
certificate; 

d) software for the generation of a digital signature for the basic 
certificate; 

e) softwM-e for the addition of the digital signature to the basic certificate; 

f) software for generation of a key pair; 
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g) software for creation of a supplementary certificate for the basic 
certificate with a key as set out in f), the identifying characteristic as set out in 
c) and additional data fields not registered by the basic certificate; 

h) software for generation of a digital signature for the supplementary 
certificate; [[and]] 

i) software for addition of the digital signature to the supplementary 
certificaterr.ll : and 

j} use of the basic certificate created in step b) with fiiture keys that share 

the redundant information with the basic certificate by issuing an 

additional supplementary certificate with a new key pair. 

20. (currently amended) 

The computer program product in accordance with Claim 19, characcrizcd 
characterized in that the basic certificate comprises the following data elements: 

Name of certification body 
User ID of certification body 
Name of user 
User ID of user 

Identifying characteristic of the basic certificate. 
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21. (currently amended) 

The computer program product in accordance with Claim 19, characterized in 
that the supplementary certificates comprise[[s]] the following data elements: 

Signature algorithm 
Key 

Serial number of key 

Validity period of the certificate 

Extensions 

Identifying characteristic of the basic certificate. 

22. (original) 

The computer program product in accordance with Claim 19, characterized in that if 
more than one key with the same validity period is to be certified at one time, the 
following software replaces the software of b) to i); 

aa) software for generation of several key pairs; 

bb) software for generation of a certificate (group certificate) for several 
keys with all data elements necessary for the individual keys and keys 
generated in step aa), omitting the redundant data elements; 

cc) software for generation of a digital signature for the certificate; and 

dd) software for addition of the digital signature to the certificate. 
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23. (original) 

The computer program product software in accordance with Claim 22, 
characterized in that the certificate contains the following data elements: 



Name of certification body 

User JD of certification body 

Name of user 

User ID of user 

Type/version of the certificate 

Number and types of keys 

Key 

VaUdity 

Serial Number 

Extensions. 



24. (original) 

The computer program product in accordance with Claim 19, characterized 
that, if only one key is to be certified and a basic certificate aheady exists, the 
following software replaces the software of b) to i): 

aa) software code definition of the basic certificate and reading of the 
identifying characteristics of the basic certificate; 



bb) soflAvare code for generation of a key pair; 
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cc) software code for creation of a supplementary certificate for the basic 
certificate with additional data fields not registered by the basic certificate, 
wherein one of the keys is inserted into the supplementary certificate by step 
bb); 

dd) software code insertion of the identifying characteristics in accordance 
with step aa) into the supplementary certificate to locate the associated basic 
certificate; 

ee) software code generation of a digital signature for the supplementary 
certificate; and 

ff) software code addition of the digital signature to the supplementary 
certificate. 

25. (original) 

The computer program product in accordance with Claim 24, characterized in 
that the supplementary certificate contains the following data elements: 

Signature algorithm 
Key 

Serial number of key 

Validity period of the certificate 

Extensions 

Identifying characteristic of the basic certificate. 
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